DOCSLIB.ORG

Updathing: a Secure Firmware Update System for Internet of Things Devices

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Updathing: a Secure Firmware Update System for Internet of Things Devices UpdaThing: a secure firmware update system for Internet of Things devices Tomás Alexandre Diniz de Pinho Instituto Superior Técnico, Universidade de Lisboa Av. Rovisco Pais, 1 1049-001 Lisboa, Portugal [email protected] ABSTRACT The Internet of Things (IoT) has amassed interest from in- dustry and consumers, and devices belonging to this class are being deployed at a rapid rate, to collected data that will help to solve problems in many different domains. Man- ufacturers have to provide support to such deployments and thus have to patch the software running on these devices when a bug is found and corrected. Therefore, updating the firmware running on these devices requires a firmware update mechanism, which presents security challenges, as it can be used by malicious actors to compromise these devices in bulk. In this paper, we propose, implement and evaluate a firm- ware update system that is easy to deploy and easy to use, Figure 1: Gateway connecting limited sensor devices assures code authenticity (integrity and proof of origin), con- to a Data Center. fidentiality and freshness in the update process, defeating the most relevant external security threats. As the IoT continues to grow, so does the number of con- nected devices that require manufacturer support. \All soft- ware has bugs" is a known fact of Software Engineering [19], so manufacturers have to plan for and provide some sort of patch management process that corrects them in end-user Keywords devices. Updating software in IoT devices is usually performed via Internet of Things; Firmware; Software update; Over-the- updating their firmware in its entirety[5]. This process in- air update; Security; Public Key Infrastructure; Embedded volves some firmware update mechanism that allows devices Systems to connect to a server deployed by the manufacturer in order to download and update to a newer firmware image. How- ever, if not correctly designed, this mechanism may pose a severe threat as it may be used by malicious actors to com- promise these devices in bulk, obtain proprietary code or 1. INTRODUCTION sensitive information[24]. For the past few years, there has been a surge in pop- This paper presents an open-source secure firmware up- ularity of the Internet of Things (IoT) among consumers date mechanism aimed at IoT gateways. Our system assures and manufacturers and it is now a well-known class of de- proof of origin, integrity and in-transit confidentiality of the vices with multiple software libraries and development kits update images, while still being easy to use and deploy. available[25]. IoT systems, in small-business or home de- We assess the security of our system by conducting a ployments, are usually implemented via a set of sensors that STRIDE threat assessment on its endpoints, measuring net- capture events or measurements; and a central IoT gateway, work overhead and energy consumption, before comparing a more capable device that sits between resource-constrained it to relevant related work. devices, which operate on specific protocols, and the In- ternet, serving as a bridge between them[17]. The sensors 1.1 Overview transmit data using specific low-energy protocols to the IoT This paper is organized as follows: we present all necessary gateway which may pre-process the data or add some more background on the development and updating of firmware data collected by its own sensors (if it has them). The gate- for embedded systems in Section 2. In Section 3, we spec- way then sends collected data to a Data Center, where it may ify the requirements that our system must satisfy and the be processed and made available through some other media mechanisms which we will be using to provide our security (i.e. Web/Mobile Applications). The role of the gateway is guarantees. In Section 4, we provide the implementation illustrated in Figure 1. details of our system, what components it has and how they interoperate. In Section 5, we evaluate our system in five that shared-keys are susceptible to attacks since an attacker domains: which initial requirements it satisfies, how it fares may be able to obtain it by exploiting a device and then against a STRIDE analysis, which includes possible attacks using it to sign images for all devices of the same model. and their mitigation, how much network overhead it causes, Public-Private Key pairs are more difficult to obtain since how much energy it consumes and how much it costs to run it is a difficult process to obtain a Private Key (held by the it. In Section 6, we take a look at previously studied related manufacturer) from a Public Key (present in devices)[23]. work and briefly analyse some of its shortcomings and how our system fares against it, comparatively. Finally, in Sec- 2.3 Image Generation tion 7, we conclude this document and propose further work In order to have an update image to flash a device with, it in this field. must be generated somehow. A filesystem with the OS, re- quired services and applications must be put together in or- 2. BACKGROUND der to produce a flashable image. Linux-based devices must, at the bare minimum, run a Linux kernel, an init system (a In this section we provide technical details for the firmware program that is responsible for launching all services and image operations that are relevant to our solution. applications after the kernel finishes booting) and required 2.1 Image Flashing services and applications[10]. Therefore, the manufacturer has to configure and compile the Linux kernel with any re- IoT devices possess some kind of permanent bootable mem- quired kernel modules for the target architecture, write or ory from which the device boots its Operating System (OS) choose an init system and write or choose required services via its bootloader[8]. In order for the device to be updatable and applications to include in the image. Usually, this pro- after being initially flashed at a factory plant, this memory cess is automated by the development or usage of scripts must be writable by the device's bootloader, or even by its that do all these tasks in a repeatable manner to integrate OS. The manufacturer has to write some specialized code, all manufacturer-developed applications into a useful filesys- that is run alongside the device's main application, which in tem image. turn is responsible for looking for and fetching new firmware update images. The code may or may not perform additional functionality (such as image verification) and flash the image 3. TECHNICAL SPECIFICATION directly or instruct the bootloader to do so on the device's Since there are numerous and distinct chipsets and System- next reboot. On-a-Chip (SoC) offerings geared towards the development Devices running the Linux OS may write to their perma- and integration of IoT gateway devices, we chose to develop nent bootable memory (their root filesystem) as long as its an update management system targeted at IoT devices that not being used by any running services or applications. The run the Linux OS. These devices may be powered, for in- manufacturers usually implement some sort of two-phased stance, by ARMv6 and ARMv7-based SoC packages. As boot process in which a minimal initramfs[18]1 is loaded into all Raspberry Pi2 models belong to this category, that was the device's Random Access Memory (RAM)[20] that can one of the reasons why we chose them as a development perform this sort of operations on the permanent bootable platform. By being partly open source and relatively cheap memory before booting the entire system, with its services (5-40$, depending on the model, as of the time of writing), and applications. the Raspberry Pi has been used by many companies as the SoC for their products. 2.2 Image Verification The Raspberry Pi may serve as an IoT gateway since it After downloading an update image, the device's firmware can connect to the Internet, via its built-in (dependent on update mechanism may perform some steps to verify the the model) Ethernet port or Universal Serial Bus (USB) Wi- transferred image. Some devices perform integrity checks, Fi adapter, and it can interface with other sensors, via other by running an hashing function (i.e., CRC32, MD5, SHA1/2, USB adapters, such as Bluetooth or ZigBee adapters. One etc.) through the image and comparing its output to addi- may also connect sensors directly to the Raspberry Pi via its tional downloaded metadata[7]. This sort of integrity check General-Purpose Input/Output (GPIO) pins, functioning as does not provide any security guarantees, as the metadata an IoT gateway with included sensors. and image could have been altered in-transit by a malicious The cost of these devices, ease of use and popularity were actor, but guarantees some safety in the update process by the main reasons why we picked these SoCs as the tool for safeguarding against data corruption of the update image. our work. Other devices may perform proof of origin checks of the downloaded update images by coupling the previously men- tioned integrity checks with a signed hash of the update image[21][11]. These devices calculate the hash of the up- date image and then perform a cryptographic operation on it to verify that a specific shared-key or public-key has been used to sign the downloaded hash, present in the update metadata, thus verifying the image's origin. We should note 1The initramfs is a cpio ("copy in and out") archive of the initial file system that gets loaded into memory during the Linux startup process.
Load more

Recommended publications
  • Internet of Things Meets Brain-Computer Interface: a Unified Deep Learning Framework for Enabling Human-Thing Cognitive Interactivity
    JOURNAL OF LATEX CLASS FILES, VOL. 14, NO. 8, AUGUST 2015 1 Internet of Things Meets Brain-Computer Interface: A Unified Deep Learning Framework for Enabling Human-Thing Cognitive Interactivity Xiang Zhang, Student Member, IEEE, Lina Yao, Member, IEEE, Shuai Zhang, Student Member, IEEE, Salil Kanhere, Member, IEEE, Michael Sheng, Member, IEEE, and Yunhao Liu, Fellow, IEEE Abstract—A Brain-Computer Interface (BCI) acquires brain signals, analyzes and translates them into commands that are relayed to actuation devices for carrying out desired actions. With the widespread connectivity of everyday devices realized by the advent of the Internet of Things (IoT), BCI can empower individuals to directly control objects such as smart home appliances or assistive robots, directly via their thoughts. However, realization of this vision is faced with a number of challenges, most importantly being the issue of accurately interpreting the intent of the individual from the raw brain signals that are often of low fidelity and subject to noise. Moreover, pre-processing brain signals and the subsequent feature engineering are both time-consuming and highly reliant on human domain expertise. To address the aforementioned issues, in this paper, we propose a unified deep learning based framework that enables effective human-thing cognitive interactivity in order to bridge individuals and IoT objects. We design a reinforcement learning based Selective Attention Mechanism (SAM) to discover the distinctive features from the input brain signals. In addition, we propose a modified Long Short-Term Memory (LSTM) to distinguish the inter-dimensional information forwarded from the SAM. To evaluate the efficiency of the proposed framework, we conduct extensive real-world experiments and demonstrate that our model outperforms a number of competitive state-of-the-art baselines.
    [Show full text]
  • The Internet of Things (Iot): an Overview
    Updated February 12, 2020 The Internet of Things (IoT): An Overview The Internet of Things (IoT) is a system of interrelated incorporation of IIoT and analytics is viewed by experts as devices connected to a network and/or to one another, the Fourth Industrial Revolution, or 4IR. exchanging data without necessarily requiring human-to- machine interaction. In other words, IoT is a collection of Internet of Medical Things (IoMT): The healthcare field electronic devices that can share information among has begun incorporating IoT, creating the Internet of themselves. Examples include smart factories, smart home Medical Things (IoMT). These devices, such as heart devices, medical monitoring devices, wearable fitness monitors and pace makers, collect and send patient health trackers, smart city infrastructures, and vehicular statistics over various networks to healthcare providers for telematics. Potential issues for Congress include regulation, monitoring, analysis, and remote configuration. At a digital privacy, and data security as discussed below. personal health level, wearable IoT devices, such as fitness trackers and smart watches, can track a user’s physical IoT Characteristics activities, basic vital data, and sleeping patterns. According IoT devices are often called “smart” devices because they to a 2019 survey by Pew Research, about one-in-five have sensors and can conduct complex data analytics. IoT Americans uses a smart watch or fitness tracker. devices collect data using sensors and offer services to the user based on the analyses of that data and according to Smart Cities: IoT devices and systems in the utilities, user-defined parameters. For example, a smart refrigerator transportation, and infrastructure sectors may be grouped uses sensors (e.g., cameras) to inventory stored items and under the category of “smart city.” Utilities can use IoT to can alert the user when items run low based on image create “smart” grids and meters for electricity, water, and recognition analyses.
    [Show full text]
  • Fog Computing: a Platform for Internet of Things and Analytics
    Fog Computing: A Platform for Internet of Things and Analytics Flavio Bonomi, Rodolfo Milito, Preethi Natarajan and Jiang Zhu Abstract Internet of Things (IoT) brings more than an explosive proliferation of endpoints. It is disruptive in several ways. In this chapter we examine those disrup- tions, and propose a hierarchical distributed architecture that extends from the edge of the network to the core nicknamed Fog Computing. In particular, we pay attention to a new dimension that IoT adds to Big Data and Analytics: a massively distributed number of sources at the edge. 1 Introduction The “pay-as-you-go” Cloud Computing model is an efficient alternative to owning and managing private data centers (DCs) for customers facing Web applications and batch processing. Several factors contribute to the economy of scale of mega DCs: higher predictability of massive aggregation, which allows higher utilization with- out degrading performance; convenient location that takes advantage of inexpensive power; and lower OPEX achieved through the deployment of homogeneous compute, storage, and networking components. Cloud computing frees the enterprise and the end user from the specification of many details. This bliss becomes a problem for latency-sensitive applications, which require nodes in the vicinity to meet their delay requirements. An emerging wave of Internet deployments, most notably the Internet of Things (IoTs), requires mobility support and geo-distribution in addition to location awareness and low latency. We argue that a new platform is needed to meet these requirements; a platform we call Fog Computing [1]. We also claim that rather than cannibalizing Cloud Computing, F. Bonomi R.
    [Show full text]
  • The Internet of Things: Impact on Public Safety Communications
    Cybersecurity and Infrastructure Security Agency The Internet of Things March 2019 The Internet of Things: Impact on Public Safety Communications The Internet of Things (IoT) is the network of physical devices and connectivity that enables objects to connect to one another, to the Internet, and exchange data amongst themselves.1, 2 IoT allows connected devices to be sensed or controlled remotely across network infrastructures, creating opportunities for more direct, cross-platform integration and improved efficiencies for the transfer of data between devices. IoT presents undeniable implications for public safety IoT goes beyond simply connecting communications. In turn, comprehensively addressing the objects to the Internet; it allows ever-growing IoT environment presents a unique challenge to physical objects to intelligently self- service providers, equipment manufacturers, and consumers. identify and communicate with other Harnessing network architecture changes and equipping devices, creating a new model of everyday objects to be IoT-enabled will allow public safety information sharing with a variety of stakeholders to maximize existing infrastructure investments potential applications. and provide near-real time decision support experiences that can change how they operate. IoT Benefits IoT-enabled devices can provide numerous benefits to public safety, as shown in Table 1. For example, a traffic accident response team could use the data collected from a variety of Internet-connected devices ― such as the involved vehicles (e.g.,
    [Show full text]
  • Home Automation System Using Google Assistant
    © 2021 JETIR June 2021, Volume 8, Issue 6 www.jetir.org (ISSN-2349-5162) HOME AUTOMATION SYSTEM USING GOOGLE ASSISTANT MUDASIR M, NEHA V, NIHAAL THATHIR K, PAVAN YADAV M, POLLARPU SREERAMULU, SMITHA PATIL B.Tech. Student, Department of Computer Science and Engineering, Presidency University, Bangalore, India B.Tech. Student, Department of Computer Science and Engineering, Presidency University, Bangalore, India B.Tech. Student, Department of Computer Science and Engineering, Presidency University, Bangalore, India B.Tech. Student, Department of Computer Science and Engineering, Presidency University, Bangalore, India B.Tech. Student, Department of Computer Science and Engineering, Presidency University, Bangalore, India Assistant Professor, Department of Computer Science and Engineering, Presidency University, Bangalore, India Abstract: Nowadays Technology keeps on upgrading. The idea behind Google assistant-controlled Home automation is to control home devices with voice. On the market there are many devices available to do that, but making our own is awesome. In this project, the Google assistant requires voice commands. Adafruit account which is a cloud based free IoT web server used to create virtual switches, is linking to IFTTT website abbreviated as “If This Than That” which is used to create if else conditional statements. The voice commands for Google assistant have been added through IFTTT website. In this home automation, as the user gives commands to the Google assistant, Home appliances like Bulb, Fan and Motor etc., can be controlled accordingly. The commands given through the Google assistant are decoded and then sent to the microcontroller, the microcontroller in turn control the relays connected to it. The device connected to the respective relay can be turned ON or OFF as per the users request to the Google Assistant.
    [Show full text]
  • Predictive Analysis of 3D Reram-Based PUF for Securing the Internet of Things
    Predictive Analysis of 3D ReRAM-based PUF for Securing the Internet of Things Jeeson Kim Hussein Nili School of Engineering Electrical and Computer Engineering RMIT University University of California Santa Barbara Melbourne, Australia Santa Barbara, USA [email protected] [email protected] Gina C. Adam Nhan Duy Truong Electrical and Computer Engineering School of Engineering University of California Santa Barbara RMIT University Santa Barbara, USA Melbourne, Australia gina [email protected] [email protected] Dmitri B. Strukov Omid Kavehei Electrical and Computer Engineering Electrical and Information Engineering University of California Santa Barbara The University of Sydney Santa Barbara, USA Sydney, Australia [email protected] [email protected] Abstract—In recent years, an explosion of IoT devices challenge [2, 3]. Widely used traditional cryptographic and its use leads threats to the privacy and security solutions, for example, advanced encryption standard concerns of individual users and merchandises. As one (AES) and elliptic curve cryptography (ECC), can be of promising solutions, physical unclonable function (PUF) has been extensively studied. This paper investigates quality used for both the integrity and the authentication of of randomness in the first generation of 3D analog ReRAM exchanging data and messages. PUF primitives using measured and gathered data from IoT hardware anti-counterfeiting, integrated circuit fabricated ReRAM crossbars. This study is significant as (IC) trust and physical tampering are also critical the randomness quality of a PUF directly relates to its tasks [4]. In 2014, defense advanced research projects resilience against various model-building attacks, includ- ing machine learning attack.
    [Show full text]
  • Paving the Way for Self-Driving Vehicles”
    June 13, 2017 The Honorable John Thune, Chairman The Honorable Bill Nelson, Ranking Member U.S. Senate Committee on Commerce, Science & Transportation 512 Dirksen Senate Office Building Washington, DC 20510 RE: Hearing on “Paving the Way for Self-Driving Vehicles” Dear Chairman Thune and Ranking Member Nelson: We write to your regarding the upcoming hearing “Paving the Way for Self-Driving Vehicles,”1 on the privacy and safety risks of connected and autonomous vehicles. For more than a decade, the Electronic Privacy Information Center (“EPIC”) has warned federal agencies and Congress about the growing risks to privacy resulting from the increasing collection and use of personal data concerning the operation of motor vehicles.2 EPIC was established in 1994 to focus public attention on emerging privacy and civil liberties issues. EPIC engages in a wide range of public policy and litigation activities. EPIC testified before the House of Representatives in 2015 on “the Internet of Cars.”3 Recently, EPIC 1 Paving the Way for Self-Driving Vehicles, 115th Cong. (2017), S. Comm. on Commerce, Science, and Transportation, https://www.commerce.senate.gov/public/index.cfm/pressreleases?ID=B7164253-4A43- 4B70-8A73-68BFFE9EAD1A (June 14, 2017). 2 See generally EPIC, “Automobile Event Data Recorders (Black Boxes) and Privacy,” https://epic.org/privacy/edrs/. See also EPIC, Comments, Docket No. NHTSA-2002-13546 (Feb. 28, 2003), available at https://epic.org/privacy/drivers/edr_comments.pdf (“There need to be clear guidelines for how the data can be accessed and processed by third parties following the use limitation and openness or transparency principles.”); EPIC, Comments on Federal Motor Vehicle Safety Standards; V2V Communications, Docket No.
    [Show full text]
  • Internet of Things
    INTERNET OF THINGS Internet of Things (IoT) or smart devices refers to any object or device that is connected to the Internet. This rapidly expanding set of “things,” which can send and receive data, includes cars, appliances, smart watches, lighting, home assistants, home security, and more. #BeCyberSmart to connect with confidence and protect your interconnected world. WHY SHOULD WE CARE? • Cars, appliances, wearables, lighting, healthcare, and home security all contain sensing devices that can talk to another machine and trigger other actions. Examples include devices that direct your car to an open spot in a parking lot; mechanisms that control energy use in your home; and tools that track eating, sleeping, and exercise habits. • New Internet-connected devices provide a level of convenience in our lives, but they require that we share more information than ever. • The security of this information, and the security of these devices, is not always guaranteed. Once your device connects to the Internet, you and your device could potentially be vulnerable to all sorts of risks. • With more connected “things” entering our homes and our workplaces each day, it is important that everyone knows how to secure their digital lives. SIMPLE TIPS TO OWN IT. • Shake up your password protocol. Change your device’s factory security settings from the default password. This is one of the most important steps to take in the protection of IoT devices. According to NIST guidance, you should consider using the longest password or passphrase permissible. Get creative and create a unique password for your IoT devices. Read the Creating a Password Tip Sheet for more information.
    [Show full text]
  • Internet of Things Innovation Landscape Brief © Irena 2019
    INTERNET OF THINGS INNOVATION LANDSCAPE BRIEF © IRENA 2019 Unless otherwise stated, material in this publication may be freely used, shared, copied, reproduced, printed and/or stored, provided that appropriate acknowledgement is given of IRENA as the source and copyright holder. Material in this publication that is attributed to third parties may be subject to separate terms of use and restrictions, and appropriate permissions from these third parties may need to be secured before any use of such material. ISBN 978-92-9260-142-3 Citation: IRENA (2019), Innovation landscape brief: Internet of Things, International Renewable Energy Agency, Abu Dhabi. ACKNOWLEDGEMENTS This report was prepared by the Innovation team at IRENA’s Innovation and Technology Centre (IITC) with text authored by Sean Ratka, Arina Anisie, Francisco Boshell and Nadeem Goussous. This report benefited from the input and review of experts: Tiago Maouras (EDP), Stephen Woodhouse and Tom Ingelse (Poyry), Jaideep Sandhu (Engie), along with Emanuele Taibi, Elena Ocenic, Nina Litman-Roventa and Paul Komor (IRENA). Report available online: www.irena.org/publications For questions or to provide feedback: [email protected] DISCLAIMER This publication and the material herein are provided “as is”. All reasonable precautions have been taken by IRENA to verify the reliability of the material in this publication. However, neither IRENA nor any of its officials, agents, data or other third- party content providers provides a warranty of any kind, either expressed or implied, and they accept no responsibility or liability for any consequence of use of the publication or material herein. The information contained herein does not necessarily represent the views of all Members of IRENA.
    [Show full text]
  • Future-Proofing the Connected World: 13 Steps to Developing Secure Iot Products
    Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products Presented by the IoT Working Group Table of Contents Forward Introduction Document Scope The Need for IoT Security IoT Products Can Compromise Privacy IoT products can lend their computing power to launch DDoS Attacks Medical Devices and Medical Standard Protocols are Vulnerable to Attack Drones Are Approaching Mainstream Status and Being Used as a Platform for Reconnaissance Critical national infrastructure can rely on the IoT ecosystem Cars are becoming connected and autonomous Moving Forward Why Development Organizations Should Care About Securing IoT Products IoT Device Security Challenges IoT products may be deployed in insecure or physically exposed environments Security is new to many manufacturers and there is limited security planning in development methodologies Security is not a business driver and there is limited security sponsorship and management support in development of IoT products There is a lack of defined standards and reference architecture for secure IoT development There are difficulties recruiting and retaining requisite skills for IoT development teams including architects, secure software engineers, hardware security engineers, and security testing staff The low price point increases the potential adversary pool Resource constraints in embedded systems limit security options IoT Security Survey Guidance for Secure IoT Development 1. Start with a Secure Development Methodology Security Requirements Security Processes Perform Safety Impact Assessment Perform Threat Modeling 2. Implement a Secure Development and Integration Environment Evaluate Programming Languages OWASP Python Security Project Link Integrated Development Environments Continuous Integration Plugins Testing and Code Quality Processes 3. Identify Framework and Platform Security Features Selecting an Integration Framework Evaluate Platform Security Features 4.
    [Show full text]
  • Internet of Things (Iot) Operating Systems Management: Opportunities, Challenges, and Solution
    sensors Editorial Internet of Things (IoT) Operating Systems Management: Opportunities, Challenges, and Solution Yousaf Bin Zikria 1, Sung Won Kim 1,*, Oliver Hahm 2, Muhammad Khalil Afzal 3 and Mohammed Y. Aalsalem 4 1 Department of Information and Communication Engineering, Yeungnam University, 280 Daehak-Ro, Gyeongsan, Gyeongbuk 38541, Korea; [email protected] 2 Zühlke Group, Eschborn, 65760 Hessen, Germany; [email protected] 3 Department of Computer Science, COMSATS University Islamabad, Wah Campus, Wah Cantt 47010, Pakistan; [email protected] 4 Department of Computer Networks, Jazan University, Jazan 45142, Saudi Arabia; [email protected] * Correspondence: [email protected]; Tel.: +82-53-810-4742 Received: 9 April 2019; Accepted: 11 April 2019; Published: 15 April 2019 Abstract: Internet of Things (IoT) is rapidly growing and contributing drastically to improve the quality of life. Immense technological innovations and growth is a key factor in IoT advancements. Readily available low cost IoT hardware is essential for continuous adaptation of IoT. Advancements in IoT Operating System (OS) to support these newly developed IoT hardware along with the recent standards and techniques for all the communication layers are the way forward. The variety of IoT OS availability demands to support interoperability that requires to follow standard set of rules for development and protocol functionalities to support heterogeneous deployment scenarios. IoT requires to be intelligent to self-adapt according to the network conditions. In this paper, we present brief overview of different IoT OSs, supported hardware, and future research directions. Therein, we provide overview of the accepted papers in our Special Issue on IoT OS management: opportunities, challenges, and solution.
    [Show full text]
  • A Prototype of EEG System for Iot
    2nd Reading May 2, 2020 16:12 2050018 International Journal of Neural Systems, Vol. 30, No. 7 (2020) 2050018 (15 pages) c The Author(s) DOI: 10.1142/S0129065720500185 A Prototype of EEG System for IoT Francisco Laport, Adriana Dapena∗,PaulaM.Castro, Francisco J. Vazquez-Araujo and Daniel Iglesia Department of Computer Engineering CITIC Research Center & University of A Coru˜na Campus de Elvi˜na, A Coru˜na 15071, Spain ∗[email protected] Accepted 5 February 2020 Published Online 4 May 2020 In this work, we develop open source hardware and software for eye state classification and integrate it with a protocol for the Internet of Things (IoT). We design and build the hardware using a reduced number of components and with a very low-cost. Moreover, we propose a method for the detection of open eyes (oE) and closed eyes (cE) states based on computing a power ratio between different frequency bands of the acquired signal. We compare several real- and complex-valued transformations combined with two decision strategies: a threshold-based method and a linear discriminant analysis. Simulation results show both classifier accuracies and their corresponding system delays. Keywords: Electroencephalography; Internet of Things; prototype; signal processing. 1. Introduction NeuroSky Mindwave.12 However, both the Emotiv or NeuroSky devices require the use of accompany- Brain–Computer Interfaces (BCI) are communica- ing proprietary software. tion systems that monitor the cerebral activity and In this work, we present a prototype of an EEG translate certain characteristics, corresponding to 1 device designed to acquire signals using a reduced user intentions, to commands for device control.
    [Show full text]